Legitimate Service Abuse

RSS

Email,Alert,And,Message,Sending,/,Receiving,Concept,:,Envelope

Security Operations

Threat Research

Black Basta

Featured

Fin7

Java malware

legitimate service abuse

Microsoft Office 365

python malware

Quick Assist

remote machine management

Sophos X-Ops

STAC5143

stac5777

Teams

Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”

A,Wooden,Acoustic,Guitar,At,Night.,With,Spotlight,For,Your

Security Operations

Threat Research

CloudFlare

Featured

FlowerStorm

legitimate service abuse

Phishing

phishing-as-a-service

Rockstar

Rockstar2FA

Sophos MDR

Sophos X-Ops

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces

The,Muddy,Water,Of,The,Jordan,River,At,The,Border

Security Operations

Threat Research

Atera

Featured

legitimate service abuse

MDR.

MuddyWater

Phishing

RMM

Sophos X-Ops

STAC 1171

TA450

Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”

Threat Research

exfiltration

Featured

Google Forms

legitimate service abuse

Phishing

TLS

Phishing and malware actors abuse Google Forms for credentials, data exfiltration